How much is set in stone?

Tim Peters tim.one at home.com
Tue Nov 13 00:22:30 EST 2001


[Andrew Dalke]
> I've been involved with c.l.py for 6 years.  I recall reading the
> documentation that pickles don't save code objects so should be
> safer than marshals for sending data between intelligent agents.
>
> I had always assumed it was safe.  It wasn't until this thread
> came up that I knew there was a problem.  (Eg, elsewhere I posted
> a pickle that could be used to remove an arbitrary file.)

Oddly enough, cPickle rejects that pickle (it only deletes the file when
using pickle.py).

> So I don't think it's common enough.  Now I need to revisit how
> I've done some of my quick&dirty network protocols (pickles over
> an http session) as I now know it's highly insecure for both
> the client and the server.

On the bright side of darkness <wink>, not all of cPickle got documented.
We'll try to repair that for 2.2.  In particular, you can set a find_global
attribute on a cPickle Unpickler to supply your own function for resolving
names, and of special interest is that if you set it to None, the Unpickler
won't import modules or unpickle class instances at all.  You could, of
course, also supply a function that accepts only a set of blessed names
(etc).

hiding-security-is-our-middle-name-ly y'rs  - tim
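
An added example, not part of the original post: the "set of blessed names" idea above, written for Python 3, where the resolving hook is an override of `pickle.Unpickler.find_class` rather than cPickle's `find_global` attribute. The names `BlessedUnpickler`, `restricted_loads`, `is_refused` and the sample pickles are constructed for illustration.

```python
import datetime
import fractions
import io
import pickle


class BlessedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only allow-listed (module, name) globals."""

    def __init__(self, file, blessed=()):
        super().__init__(file)
        self._blessed = frozenset(blessed)

    def find_class(self, module, name):
        # Invoked whenever the pickle stream asks for a global (class or
        # function). Anything not explicitly blessed is refused before import.
        if (module, name) in self._blessed:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            "global %s.%s is not on the allow-list" % (module, name))


def restricted_loads(data, blessed=()):
    """Load `data`, resolving only the globals named in `blessed`."""
    return BlessedUnpickler(io.BytesIO(data), blessed).load()


def is_refused(data, blessed=()):
    """True if loading `data` under `blessed` is rejected."""
    try:
        restricted_loads(data, blessed)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed sample data (benign): plain containers need no globals at all,
# while date and Fraction instances each reference one class by name.
BLESSED = {("datetime", "date")}
SAMPLE_DATE = datetime.date(2001, 11, 13)
PLAIN = pickle.dumps({"msg": "hello", "ids": [1, 2, 3]})
DATE = pickle.dumps(SAMPLE_DATE)
FRACTION = pickle.dumps(fractions.Fraction(1, 3))

if __name__ == "__main__":
    print(restricted_loads(PLAIN))            # empty allow-list, data only
    print(restricted_loads(DATE, BLESSED))    # blessed class is rebuilt
    print(is_refused(FRACTION, BLESSED))      # unblessed class is refused
    print(is_refused(DATE))                   # nothing blessed: refused
```

An allow-list like this is only as safe as the callables placed on it, so each blessed name needs to be reviewed for what calling it with attacker-chosen arguments can do.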




